Use a controlled tenant
Integration testing should run against a demo, staging or customer-approved tenant, never against another restaurant tenant or public production try-it console.
Sandbox and Staging.
Safe rehearsal guidance for public API, webhook and MCP integrations without exposing live production internals.
Sandbox rules
Sandbox behavior is conservative until dedicated self-service developer tenant creation is connected.
Use scoped keys
Create separate API keys for test systems with the minimum scopes required and rotate or revoke them after testing.
Use bounded data
Test list endpoints with explicit limits and cursor pagination so test clients do not depend on unbounded reads.
Use signed webhook rehearsal
Webhook consumers should validate signatures, retries and idempotency with test events before production downstream processing.
No real secrets in examples
Examples use lv_live_REPLACE_WITH_YOUR_API_KEY as a placeholder only. Never paste real keys into shared docs, tickets or public forms.
Provider integrations need scope
Payment, fiscal, marketplace and delivery provider testing requires a scoped integration project after provider selection.
Dedicated self-service sandbox tenant creation is not exposed publicly yet. Request integration access through onboarding or account channels.
Plan a clean restaurant rollout.
Talk through locations, POS devices, kitchen workflow, menu migration, API needs and security review before launch.